19 posts categorized "Telecom"

19 March 2012

It's widely known by now, that the Internet group called "Anonymous" is targeting an amplification attack against the DNS Root Servers. Much has been said about it and different people have different opinions. Here's mine. To get to my point of view, I would like to present some background information. DNS Architecture The DNS name structure is shaped somewhat like a pyramid; The DNS architecture is based on a top down implementation, where the following can be considered members This concept of a hierarchical authority is easier to understand if we examine a sample DNS name space and discuss the issues... Read more →

31 May 2011

Well, IPV4 addresses are almost depleted, right? Sort of, it's clear that we will be out of IPv4 addresses in 2011, some actual almost "live" info I received mentioned that we had left only 12/8’s and 11/256’s by the end of 2010. Due to the fact that we're out of IPV4 addresses (unless ARIN decides to make Microsoft and others to return the larger unused IPV4 pools they have), IPV6 deployment is on its way, although this is a process that may take several years to complete. For an example of a joint task force for a massive IPV6 field... Read more →

31 January 2011

In the after-crisis of the Stuxnet worm, Governments around the world are mobilizing to be better prepared against CyberThreats and CyberWar. It's becoming clear, more and more that groups of individuals with a lot of knowledge, time and motivation can do harm against economies, healthcare, utilities and other systems, being responsible (who knows?) for the collapse of a country. We already had, in the past, cases of well succeeded CyberAttacks that collapsed a country information structure and paralyzed it for a while. We can remember of: 2007 CyberAttacks on Estonia 2007 CyberAttacks against Syria Radar Infrastructure 2008 CyberAttacks on Georgia... Read more →

05 January 2011

The actual security guide pointed to resides at ZDNet, but this site lists the four parts together (and the ZDNet navigation is not exactly clear). Navigation through the checklist is not completely obvious either. You can go through by clicking on arrow icons (<>) at the upper right hand corner of the images (which may be hard to find because the images can be fairly busy), or by clicking on individual pictures below the image and text. (Clicking the arrow icons down there only moves the pictures back and forth, without moving you through the checklist.) However, once you master... Read more →

05 May 2010

ENISA (European Network and Information Security Agency) has extensive materials on setting up a CSIRT (Computer Security Incident Response Team). They have also provided significant exercise materials in order to test and train such teams. Read more →

27 April 2010

I joined some seminars, conferences, read some articles and studies about ongoing developments of new firewall technologies and I would like to mention my thoughts about it. Some of those technologies are already on the market but they're starting to be accepted by. Features: The next generation firewalls will: Have superior performance (up to 100Gbps); Be deployed on more complex network traffic (MPLS, VPLS); Recognize applications (P2P, Video, Productivity, Web, IM, Skype, Games, etc, even "encrypted/obfuscated ones") for control purposes; Be part of complete security Ecosystems (FW, IPS, Anti-Spam, Anti-Malware, Parental Control, VPN, DPI, Lawful Interception) on a single Blade... Read more →

08 April 2010

This IBM blog entry provides a basic summary of the NIST work on defining cloud computing, as well as some related jargon. It provides a fundamental starting point and basis for assessing "cloud" systems and providers. Read more →

11 March 2010

This module from the UK's OpenLearning/LearningSpace centre is a fairly basic online safety piece. It concentrates on malware, and has numerous minor errors in terminology and definitions, but is reasonable for the general public. Read more →

09 March 2010

You may or may not be aware of the mass of "Hitler rant" videos on YouTube. These take a clip (from the movie "Downfall") and subtitle it with a rant from Hitler about everything from college football to the iPhone to Facebook accounts to ... well, anything at all. This one is about cloud computing and security, and makes a few cute points about security in general. Read more →

10 December 2009

Polly wanna crack a WPA network? A cloud based cluster is offering to help out, for a small fee. You send them a data capture, and they run a 130 million word dictionary against it, in as little as 20 minutes. Do you trust them? Are they going to be used to crack WPA networks? Is this sufficient impetus to move to WPA2? Are you going to create a longer passphrase? Read more →

22 August 2009

Should the CISSP CBK be expanded to cover "human factors" in security? [1] Add “Human Factors” No.[2] Clearly, human factors are a major component to information security and Gary Hinson presents effective arguments that they should be established as an additional domain. On the other hand, Rob Slade makes an effective argument that the human factors are a significant component of each of the current ten domains primarily based on his experience teaching the CBK® to CISSP® aspirants for (ISC)²®. In full disclosure, I also teach the CBK® to CISSP® aspirants, but not for (ISC)²®, but at a local college.... Read more →

10 August 2009

OK, Gary has asked if the CISSP CBK should be expanded to cover "human factors" in security? And I answer "No." With that kind of beginning, you could be forgiven for thinking that I disagree with Gary about the importance of human factors in security. Nothing could be further from the truth. I agree with everything he has said about the fundamental significance of human factors in information security, as well as the difficulty of dealing with them, and will defend to the death his right to say it. What I disagree with is the question. The CBK already addresses... Read more →

22 July 2009

Advertised as RSTEG (Retransmission STEGanography), the technique described in this paper actually uses the standard TCP operations to allow you to set up a kind of covert channel. Interesting idea, although likely neither terribly dangerous nor important. Read more →

21 July 2009

Basic physical layer transmission fundamentals don't get covered much these days, which makes the more advanced technologies that much more mysterious. This DOCSIS (Data Over Cable Service Interface Specification) tutorial is fairly simplistic, but it does provide some starting concepts in order to understand what is going on with cable modems. More details, and other pointers, are available at Wikipedia. Read more →

04 July 2009

This paper provides an overview explanation of fast flux and double flux activities related to hiding malicious Websites, or avoiding takedown (particularly related to botnets). It also suggests certain actions which could mitigate such activity. The essay uses a lot of jargon and is not always clear, but does provide a decent basic explanation. Read more →

13 April 2009

Last week, Telefônica Brasil was victim of a large DNS attack that shut down all their DNS farms affecting millions of broadband users for 3 days. Additional info can be found at the following locations (Portuguese): http://tecnologia.uol.com.br/ultnot/2009/04/09/ult4213u703.jhtm http://g1.globo.com/Noticias/Tecnologia/0,,MUL1079950-6174,00.html 6 months ago I wrote a post called "Securing DNS Servers" describing how to implement some security layers to increase the DNS farm performance and overall security. It's important for us, Security Professionals to show to companies (Telco, Gov or Enterprises) the risk involved with critical services (like DNS, but not only) and the value of implementing procedures like BCDR. Not forgetting... Read more →

07 April 2009

I was listening to a recent Security Now podcast that reviewed some important cryptography concepts, when Mr. Gibson made an interesting point: "let's assume that we have control of each end, but we have no control at all of the link between, i.e., the Internet. So that means that our communication is subject to having bits dropped, bits added, bits changed, and even bits replayed, things, packets replayed." This made me think about how we describe these types of connections, visually. The picture commonly drawn on a white board to describe a secure channel over the Internet (and I am... Read more →

27 February 2009

NIST (National Institute of Standards and Technology) recently updated their guidance for Enterprise Telework and Remote Access Security, DRAFT NIST SP800-46 Rev.1. As many are aware, security professionals are constantly considering the security ramifications of employees accessing the corporate network from home and other insecure locations. This includes the use of home systems to connect to the network, corporate laptops from remote locations and the potential of infected mass storage device. This special publication is an update from the previous special publication - SP800-46, Security for Telecommuting and Broadband Communications intended to help organizations understand and mitigate the risks of... Read more →

26 February 2009

Fast flux, the rapid rotation of DNS records to point from a single domain name to a number of separate machines, is widely used in malware serving, phishing scams, and other related net nastiness. Unfortunately, the basic concepts are also used for legitimate purposes, such as performance enhancement on large and popular sites, or the prevention of net censorship. The initial report of the Fast Flux Hosting Working Group of the Generic Names Supporting Organization (GNSO) of ICANN (Internet Corporation for Assigned Names and Numbers) contains a good deal of information and thought, and should receive wider dissemination and consideration than it... Read more →

About the (ISC)² Blog

As the certifying body for more than 100,000 information security professionals worldwide, (ISC)² believes in the importance of open dialogue and collaboration. (ISC)² established this blog to provide a voice to certified members, who have significant knowledge and valuable insights that can benefit other information security professionals and the public at large.

The (ISC)² blog gives members a forum to exchange ideas and inspires a safe and secure cyber world by supporting the advancement of the information security workforce via a public exchange with a broad range of information security topics.

Whether an (ISC)² member chooses to participate in the (ISC)² blog is his or her own decision. The postings on this site are the author's own and don't necessarily represent (ISC)²'s positions, strategies or opinions. (ISC)² monitors the blog in accordance with the (ISC)² Blog Guidelines, but the bloggers are responsible for their own content – common sense and intelligence should prevail.

Other than links to the (ISC)² website, (ISC)² does not control or endorse any links to products or services provided in this blog and makes no warranty regarding the content on any other linked website.

Those who post comments to (ISC)² blogs should ensure their comments are focused on relevant topics that relate to the specific blog being discussed. (ISC)² reserves the right to remove any post or comment from this site. Should you find objectionable content in this blog, please notify us as soon as possible at blog@isc2.org